diff mbox series

override-{a{1,3},other}: weekly batch of various overrides

Message ID	196a6c58-1f91-c3e0-0bf0-252511328b81@ipfire.org
State	Accepted
Commit	d0dc235bc7c01ed4720c13ac120872366340699d
Headers	To: "IPFire: Location" <location@lists.ipfire.org> From: =?utf-8?q?Peter_M=C3=BCller?= <peter.mueller@ipfire.org> Subject: [PATCH] override-{a{1,3},other}: weekly batch of various overrides Message-ID: <196a6c58-1f91-c3e0-0bf0-252511328b81@ipfire.org> Date: Fri, 14 May 2021 09:52:09 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit Precedence: list Errors-To: location-bounces@lists.ipfire.org Sender: "Location" <location-bounces@lists.ipfire.org>
Series	override-{a{1,3},other}: weekly batch of various overrides \| override-{a{1,3},other}: weekly batch of various overrides

Commit Message

Peter Müller May 14, 2021, 7:52 a.m. UTC

  AS58110 is especially interesting...

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
---
 overrides/override-a1.txt    | 12 +++++++++++-
 overrides/override-a3.txt    | 15 +++++++++++++++
 overrides/override-other.txt | 37 +++++++++++++++++++++++++++++++++++-
 3 files changed, 62 insertions(+), 2 deletions(-)

diff mbox series

Patch

diff --git a/overrides/override-a1.txt b/overrides/override-a1.txt
index 06d2d20..fc97098 100644
--- a/overrides/override-a1.txt
+++ b/overrides/override-a1.txt
@@ -46,7 +46,7 @@  is-anonymous-proxy:	yes
 
 aut-num:			AS34962
 descr:				Epik Network
-remarks:			VPN provider
+remarks:			Shady ISP and registrar, many prefixes announced refer to "anonymize" infrastructure
 is-anonymous-proxy:	yes
 
 aut-num:			AS35029
@@ -110,6 +110,11 @@  remarks:			Autonomous System registered to offshore company, abuse contact is a
 is-anonymous-proxy:	yes
 country:			AP
 
+aut-num:			AS58110
+descr:				IP Volume Ltd. / Epik
+remarks:			Shady Autonomous System registered to letterbox company, possibly copycat operation of Epik registrar, many prefixes announced refer to "anonymize" infrastructure
+is-anonymous-proxy:	yes
+
 aut-num:			AS58546
 descr:				Astrill VPN
 remarks:			VPN provider
@@ -1045,6 +1050,11 @@  descr:				Access Now
 remarks:			Tor relay provider
 is-anonymous-proxy:	yes
 
+net:				176.119.142.0/24
+descr:				Artykova Alina Biktimerovna / BroVPN
+remarks:			VPN provider
+is-anonymous-proxy:	yes
+
 net:				178.170.136.0/22
 descr:				GZ Systems Limited / PureVPN
 remarks:			VPN provider
diff --git a/overrides/override-a3.txt b/overrides/override-a3.txt
index 36e03a3..ec246c1 100644
--- a/overrides/override-a3.txt
+++ b/overrides/override-a3.txt
@@ -190,6 +190,16 @@  descr:		Hybula B.V.
 remarks:	Generic anycast network
 is-anycast:	yes
 
+net:		5.182.48.0/24
+descr:		FluxCDN
+remarks:	Generic anycast network
+is-anycast:	yes
+
+net:		5.182.49.0/24
+descr:		FluxCDN
+remarks:	Generic anycast network
+is-anycast:	yes
+
 net:		5.254.74.0/24
 descr:		VOXILITY LLC
 remarks:	Generic anycast network
@@ -535,6 +545,11 @@  descr:		Thomas Steen Rasmussen / UncensoredDNS / censurfridns.dk
 remarks:	Public anycast DNS resolver
 is-anycast:	yes
 
+net:		92.118.229.0/24
+descr:		Epik
+remarks:	Generic anycast network
+is-anycast:	yes
+
 net:		92.223.95.0/24
 descr:		G-Core Labs S.A.
 remarks:	Generic anycast network
diff --git a/overrides/override-other.txt b/overrides/override-other.txt
index e56a208..4446279 100644
--- a/overrides/override-other.txt
+++ b/overrides/override-other.txt
@@ -93,6 +93,11 @@  descr:		Neterra Ltd.
 remarks:	ISP located in BG, but some RIR data for announced prefixes contain garbage
 country:	BG
 
+aut-num:	AS35624
+descr:		Neterra Ltd.
+remarks:	ISP located in RU, but some RIR data for announced prefixes contain garbage
+country:	RU
+
 aut-num:	AS39287
 descr:		ab stract / Peter Kolmisoppi
 remarks:	tampers with RIR data, traces back to SE
@@ -378,6 +383,11 @@  descr:		Genius Guard / Genius Security Ltd.
 remarks:	another shady customer of "DDoS Guard Ltd.", probably located in RU
 country:	RU
 
+aut-num:	AS206898
+descr:		Server Hosting Pty Ltd
+remarks:	ISP located in NL, but some RIR data for announced prefixes contain garbage
+country:	NL
+
 aut-num:	AS207046
 descr:		Xtudio Networks S.L.U.
 remarks:	ISP located in ES, but some RIR data for announced prefixes contain garbage
@@ -423,6 +433,11 @@  descr:		Gudaev Maxim Amrakhovich
 remarks:	announcements scatter across various places in EU (DE/CZ/??), but RIR data contain garbage
 country:	EU
 
+aut-num:	AS210119
+descr:		VPSSC Networks LTD
+remarks:	ISP located in UA, but RIR data for announced prefixes contain garbage
+country:	UA
+
 aut-num:	AS211849
 descr:		Kakharov Orinbassar Maratuly
 remarks:	ISP located in RU, but RIR data for announced prefixes contain garbage
@@ -508,6 +523,11 @@  descr:		FlokiNET Ltd.
 remarks:	fake offshore location (SC), traces back to RO
 country:   	RO
 
+net:		45.89.97.0/24
+descr:		IP Volume Ltd. / Epik
+remarks:	fake location (CH), traces back to GB
+country:   	GB
+
 net:		45.93.16.0/22
 descr:		IPv4 Superhub Limited
 remarks:	network owned by an HK company, traces back to HK as well - but is assigned to DE. Nice try...
@@ -515,7 +535,7 @@  country:	HK
 
 net:		45.134.12.0/24
 descr:		MS Network LTD
-remarks:	fake offshore location (SC), traces back to NLm
+remarks:	fake offshore location (SC), traces back to NL
 country:   	NL
 
 net:		45.134.144.0/22
@@ -548,6 +568,21 @@  descr:		Golden Internet LLC
 remarks:	fake location (KP), WHOIS contact points to RU
 country:   	RU
 
+net:		91.149.194.0/24
+descr:		IP Volume Ltd. / Epik
+remarks:	fake location (CH), traces back to SE
+country:   	SE
+
+net:		91.149.195.0/24
+descr:		IP Volume Ltd. / Epik
+remarks:	fake location (CH), traces back to SE
+country:   	SE
+
+net:		91.149.224.0/24
+descr:		IP Volume Ltd. / Epik
+remarks:	fake location (CH), traces back to NO
+country:   	NO
+
 net:		91.243.32.0/19
 descr:		Petersburg Internet Network Ltd.
 remarks:	RIR data for suballocations contain garbage, they are all located in RU